Tuesday, August 13, 2013

FBI suspected of cyber-attack on anonymous web-hosting and email services

FBI suspected of cyber-attack on anonymous web-hosting and email services

By Mark Blackwood
12 August 2013
On August 5 malicious software (malware) in the form of a Java Script (JS) attack code was discovered embedded in multiple websites hosted by the anonymous hosting company Freedom Hosting (FH), the largest hosting company on the anonymous Tor network. Initial research into the malware by experts suggests that it originated from and returned private data back to the Federal Bureau of Investigation (FBI) or other US government agencies.
The malicious script was specifically designed to attack and exploit vulnerabilities within the Firefox 17 web browser, included within older versions of the Tor Browser Bundle (TBB), which allows for anonymous Internet access.

The WSWS needs your support!

Your donations go directly to financing, improving, and expanding the web site.
Donate
An announcement of the attack was made by the Tor Anonymity project, which stated, “An attack that exploits Firefox vulnerability in JavaScript has been observed in the wild. Specifically, Windows users using the Tor Browser Bundle (which includes Firefox plus privacy patches) appear to have been targeted.” It advised anyone using an older version of the Tor Browser Bundle (TBB) to update to the latest August 9 release immediately.
The detection of the malicious code coincided with the arrest of Eric Eoin Marques, the alleged administrator of FH, on suspicion that the company, which hosts a vast array of servers, had been hosting sites linked to child pornography. Shortly after Marques’ arrest every website hosted by FH was taken offline simultaneously, including the anonymous email service Tor Mail.
Owing to the fact that the TBB can inhibit the collection of data on a person’s online activities and connect it to his or her name, address, age, phone number, etc., the software has become increasingly popular, as has the free anonymous means of online communication offered by Tor Mail.
This is especially the case in the wake of the US government’s persecution of whistleblower Edward Snowden. The former intelligence contractor exposed mass internet surveillance by the US government’s National Security Agency (NSA) and its allies internationally. For disclosing these activities, Snowden has been subjected to an unprecedented international manhunt, stripped off his passport, and forced to seek temporary asylum in Russia.
TBB is used to access services on the “deep net” (servers not indexed by standard search engines) such as Tor Mail, which until August 5 had the capacity to enable anyone to safely leak information relating to government corruption, oppression and human rights abuses, without fear of being detected or having their anonymity compromised.
The goal of Tor Mail was to provide for free a completely anonymous means of email communication to anyone who needed it. As such, it had earned a reputation as being the most anonymous email operation online.
The servers accessed by Tor, now portrayed as an arena inhabited solely by criminal elements, have been used widely by human rights groups, journalists, whistle-blowers, protesters and political dissidents worldwide, as well as members of the wider public who value their right to privacy.
That is why the circulation of a malicious code that has the capacity to unmask and compromise a person’s anonymity is of great concern to those who have relied on the TBB and Tor Mail as a means of anonymous communication.
Claims that the attack only affects, or should be of concern to, those engaged in criminal activities online is false. http://www.wsws.org/en/articles/2013/08/12/torm-a12.html

No comments:

Post a Comment